NEW DELHI: Air India’s frequent flyers have been grounded, so to say, at least for the time being, after dozens of the airlines’ frequent flyer programme accounts were hacked. Highly placed sources told TOI that flying miles worth several lakhs of rupees have been redeemed fraudulently. Senior officers of Delhi Police confirmed that at least 20 such accounts have been determined to have been hacked and flying miles worth Rs 16 lakh redeemed by the hackers.

Detailing the steps taken by Air India consequent to the detection of the hacking, Praveen Lal, manager (commercial), said, “All the affected membership accounts have been suspended so that no further activity can take place from these accounts. The affected user IDs have been deactivated along with user IDs that have identical user names and passwords. Also, all such user IDs that have not been active for the past three months have been deactivated.”

Flying Returns, Air India’s frequent flier programme, has around 19.5 lakh accounts. In its complaint, which has been accessed by TOI, the airline has elaborated on the steps taken by a person to become a member of this club and has indicated to the police that the hacker might have been aware of the process and subverted it.

After the fraud was unearthed, the airline has been taking all the measures to ensure that its fliers don’t experience inconvenience or financial loss.

Seeking urgent help, the airline contact Delhi Police chief Alok Verma, who ordered a probe to be carried out on a priority. The cops and the airline are now tracking people whose tickets have been booked using the stolen flying miles. Scrutinising this, the police believe, could lead them to the suspects.

SS Basu of Air India’s vigilance department has communicated to the police that on June 17 a flier named Ankit was identified as holding a suspect ticket. The cops have been supplied with his web check-in boarding card and his ticket for flight AI 849 dated June 10. The police have contacted the passenger to find out which agent he had used to book the ticket.

Sources in the police said that they suspected the role of a travel agency or an insider in the racket. The internet protocol address of the suspect computer has been identified as 106.215.147.*** and is the only available lead with cops as of now, a senior officer disclosed. The investigators are ascertaining the phone number and documents with the help of the internet service provider from whom the user of the suspect computer obtained the Net connection.

“Apart from the computer hacker, we suspect the role of a present or a former employee who may be aware of the intricacies and loopholes in the system,” a senior police officer said. “We have asked the airline to supply us a list of employees who have quit the company recently.”

Both the Cyber Cell and Special Cell of Delhi Police have been roped in to unravel the fraud. An offence under the Information Technology Act was in the process of being registered and a team led by an additional CP rank officer has been formed to crack the case. “Both a virtual and a physical manhunt has been launched to trace the perpetrators,” the officer said.